[opencms-dev] Internal Use Only option

[Christian Steinert]

Dear Isaac,

P.S. if a HTTP request points to a file AND the current user is not
logged in AND that file has read permissions which make it unavailable
for the "Guest" usergroup, then the user will be automatically asked for
login information.

This is based on the permissions (ACLs) of a file and has nothing to do
with the "internal use" flag. The automatic login request is sent as
HTTP basic login request by default, but can be re-configured to use a
custom HTML-form instead. I have no experience with this type of
automatic HTML-form - based authentication, but probably others on this
list have.

Maybe this is more like what you're looking for?

__

If you really want to do IP-address - based authentication, then I don't
really know how you would proceed. The problem is that if your site
tries to log somebody into the user management of opencms, then opencms
requires a valid username/password combination. So, if your applications
wants to log somebody in, based on their IP only, then your application
would somehow have to know which username and password to use (and
plaintext-passwords are a bad thing for any application to know...).
Thus, I don't really know how it would be best to approach an IP-based
access control.
__

If you have further questions, then its probably helpful, if you explain
in more detail, what you are up to.

hth
greetings & regards
christian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3269 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20070507/3097578a/attachment.bin>